Vulnerabilities > Onap > Open Network Automation Platform > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-19 CVE-2019-12127 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform 3.0.0/3.0.1/3.0.2
In ONAP OOM through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication.
network
low complexity
onap CWE-306
7.5
2020-03-19 CVE-2019-12126 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform 3.0.0/3.0.1/3.0.2
In ONAP DCAE through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication.
network
low complexity
onap CWE-306
7.5
2020-03-19 CVE-2019-12125 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform 3.0.0/3.0.1/3.0.2
In ONAP Logging through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication.
network
low complexity
onap CWE-306
7.5
2020-03-18 CVE-2019-12132 OS Command Injection vulnerability in Onap Open Network Automation Platform 3.0.0/3.0.1/3.0.2
An issue was discovered in ONAP SDNC before Dublin.
network
low complexity
onap CWE-78
7.5
2020-03-18 CVE-2019-12120 Code Injection vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP VNFSDK through Dublin.
network
low complexity
onap CWE-94
7.5
2020-03-18 CVE-2019-12119 Code Injection vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-94
7.5
2020-03-18 CVE-2019-12118 Code Injection vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-94
7.5
2020-03-18 CVE-2019-12117 Code Injection vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-94
7.5
2020-03-18 CVE-2019-12116 Code Injection vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-94
7.5
2020-03-18 CVE-2019-12115 Code Injection vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-94
7.5